Approver(s):

Executive Council

Authorizes Release:

Vice President for Information Services

Responsible Area:

Information Services

Review Cycle:

Annually or as required

Last Review:

July 2024

Related Policies and Additional References:

Password

Scope and Purpose

The Technology Acceptable Use Policy serves as a comprehensive guide for users on the appropriate utilization of technology assets owned by St. Mary’s University. It is important to emphasize that while this policy provides clear guidelines and standards for technology use within the university’s domain, it does not encompass all federal or state laws governing technology usage. Additionally, it does not extend to technology that may be privately owned or controlled by users. Users are reminded of their obligation to adhere to all relevant laws and regulations beyond the scope of this policy.

Internet Access and University Infrastructure

  • Responsible Use. St. Mary’s University, committed to teaching, scholarship, and service to society, promotes the free exchange of information between and among students, faculty, staff, alumni, its service communities, and the global information community. The University provides access to local, national, and international sources of information and cultivates an atmosphere that encourages access to knowledge and sharing of information consistent with its mission.

    Responsible use of this access includes:
    1. Respect for the privacy of others; for example, regarding their files, programs, other data, or passwords unless explicitly authorized to do so by those users.
    2. Respect for the legal protection of copyright and license agreements for programs and data.
    3. Respect for the integrity of computing systems; for example, users shall not use University equipment or networks to intentionally develop programs that harass other users or infiltrate a computer or computing system and/or damage or alter the software or hardware components of a computer or computing system either external or internal to the University authorized academic purposes are exempted, e.g., the study of security software.
  • Editorial Control. University computer systems facilitate access to and distribution of information. The University has no editorial control over the content, materials or data distributed or disseminated on the network. The quality and content of the materials that exist on electronic data networks are beyond the control of the University. Users are responsible for the materials that they access through university resources.

Agreement to Comply

All users of computing systems must read, understand, and comply with the terms outlined in this Policy, as well as any additional guidelines established by university computer systems administrators. Users understand and agree that the University’s role in managing these systems is only as an information carrier, and that they will never consider transmission through these systems as an endorsement of said transmission by the University.

University Rights

These computer systems, facilities and accounts are owned and operated by the University. The University reserves all rights, including termination of service without notice, to the computing resources which it owns and operates. This policy shall not be construed as a waiver of any rights of the University, nor shall they conflict with applicable law.

Authorized Use

  • Access and Privileges. Access and privileges on the University’s computing systems are assigned and managed by the administrators of the specific individual systems. Eligible individuals may become authorized users of the system and be granted appropriate access and privileges by following the approval steps prescribed for that system.
  • Approval Required. All access to the University’s computer resources, including the issuing of passwords, must be approved by an authorized University official.

General Acceptance Usage

The following are examples of general acceptable usage of the University’s systems:

  • Scholarship, scientific research, or instructional applications engaged in by students, faculty, and staff.
  • Communication and exchange for professional development, to maintain currency, or to debate issues in a field or sub-field of knowledge.
  • Societies / Groups related to an academic discipline, college-association, government-advisory, or standards activities related to user’s research, instructional and administrative activities.
  • Access to college and university libraries and information and news from a variety of sources and research institutions.
  • Access to information resources, computers, and people throughout the world.
  • Interaction with students, faculty, staff, and wider publics electronically.
  • Discussion groups on a wide variety of topics.
  • Administrative and instructional activities which are part of the support infrastructure needed for instruction, scholarship, student services and institutional management.

Unacceptable Usage

  • Liability. Use of any of the University’s computer systems for any of the purposes listed in this section is strictly prohibited. Liability for violations of prohibited uses shall remain solely and exclusively with users. By using the University’s computer systems, users further agree to indemnify the University for any Liability incurred by the University for misuse by the user.
  • Agreement to Comply. Users agree to comply with the acceptable use guidelines for whichever outside networks or services they may access through the University’s system.
  • Responsibility for Transmission. The user agrees that, if someone does transmit, or cause to be transmitted, a message, information or material of any kind that is inconsistent with an environment conducive to learning or conducting University business or with a misleading origin, the person who performed the transmission will be solely accountable for the message, not the University, which is acting solely as the information carrier.

Prohibited Uses

University computer accounts and/or equipment may not be used for the following purposes:

Illegal Activity

Any illegal use of the network, or its use in support of such activities, is strictly prohibited. Illegal activities shall be defined as a violation of local, state, and/or federal laws. Criminal activities include:

  • Hacking/Computer Vandalism. Activities which interfere with or disrupt network users, services or equipment are prohibited. Such interference or disruption includes, but is not limited to:
    1. Distribution of unsolicited advertising or mass mailings;
    2. Propagation of computer worms or viruses;
    3. Using the network to make or attempt to make unauthorized entry to other computational, information or communications devices or resources or to other users’ files;
    4. Intentional interception of any electronic communication which is considered improper access and may also be in violation of the Electronic Communications Privacy Act, Chapter 119;
    5. The submission, publication, and/or transmission of information for the purpose of inciting crime is strictly prohibited;
    6. Unauthorized reconfiguration of or physical tampering with university resources is not allowed; Users must not attempt unauthorized modification or repair to any equipment belonging to or under the control of the University;
  • Violation of software licenses. The University licenses the use of its computer software from a variety of companies. The University does not own this software or its related documentation and, unless authorized by the software developer, does not have the right to reproduce it. Users must not violate the license agreements on any software applications installed on a university computer. Use of University computing facilities for private business activities or other non-educational functions violates the software license agreements extended to educational institutions and is not permitted. It is University policy that employees, students, and other users of university computing facilities shall use the software only in accordance with the license agreement. University employees, students or other users found to be making, acquiring, or using unauthorized copies of computer software will be disciplined as appropriate under the circumstances.
  • Violation of Copyrights. Information and resources accessible via university computer accounts are the private property of the individuals and organizations who own or hold rights to the resources and information. Users must not access information or resources unless permission to do so has been granted by the owners of rights to those resources or information. Users must not submit, publish, plagiarize, or transmit material which violates or infringes upon the copyrights held by others.

Inappropriate Use

Any inappropriate use of the network, or its use in support of such activities, is prohibited by the University. Inappropriate use shall be defined as a violation of the goals, purposes and intended use of the network. These may include the following:

  • Political Campaigns. University computing resources may not be used for political campaigns unless related to authorized academic purposes.
  • Threatening or Damaging Transmissions. Users must not use the University network access to create, publish, display, or transmit any materials that are threatening, defamatory, fraudulent, seditious, abusive, obscene, profane, or sexually oriented for purposes other than scholarship, scientific research, or instructional applications engaged in by students, faculty, and staff.
  • Offensive. Repeated transmission of material to a person who finds such transmission offensive, obscene or discriminatory will be treated as harassment and is against university policy and State and Federal regulations.
  • Misleading Information. Users agree not to attempt to transmit, or cause to be transmitted, any message in which the origination is deliberately misleading.
  • Commercial or For-Profit Activity. Any commercial, for-profit activity including marketing, sales, and distribution of mass mailings is prohibited unless related to authorized academic purposes. Users may not use the University network to process payments for privately held personal businesses.
  • Extensive Personal Use. Extensive use of the University’s network access for personal business is prohibited.

Violation of State and Federal Laws

Unauthorized access, attempted access or use of any University computer or computer network system is a violation of Texas and/or other applicable Federal laws and is subject to prosecution. The University reserves the right to prosecute any unlawful access or damage to any computer, computer system, computer network, computer program, or data to which the University provides access and or/services.

Disciplinary Actions

Anyone who uses University resources illegally or improperly may be subject to disciplinary actions, revocation of access to the University network, and possible legal action. The University will review alleged violations of the Acceptable Use Policy under the appropriate handbook depending on the status of the user, e.g., Student Handbook, Faculty Handbook, and Personnel Handbook. Failure to abide by these guidelines will result in revocation of privileges to use the computer systems. Students may also be subject to disciplinary sanctions up to and including dismissal from the institution. Faculty and staff members will be subject to appropriate disciplinary action.

Account and System Security

  • Individual Responsibility. Individual users are responsible for the proper use of their assigned account, including password protection. Users must not share their computer account with others who have not received University authorization. In the event of disciplinary action, the fact that someone else used without authorization another person’s account will not excuse for violations of this Acceptable Use Policy. User accounts assigned to another person must not be used without the permission of the account holder.
  • Reasonable Efforts to Minimize Loss of Data. University personnel responsible for the care, operation, use and maintenance of information systems will make every reasonable effort to minimize the loss of data in their efforts to maintain privacy and security on the systems. However, the University is not responsible for the loss of data or interference with files, resulting from its efforts to maintain the University’s infrastructure.
  • Saving Data. Users should save their data files to their own computer disks or cloud storage resources allocated to users by licensed agreement between the University and vendor partner. The University is not responsible for lost or deleted files that have been saved onto personal computers. The University is not responsible for disk or file damage due to viruses. Despite the growing popularity of social network sites, users should be concerned about the practice of revealing addresses, phone number, or other personal details about themselves or others.

Responsible Use of Artificial Intelligence (AI)

St. Mary’s University recognizes the growing significance of artificial intelligence in various academic and administrative domains. The responsible use of AI is fundamental to our commitment to ethical and lawful technology practices. Users are expected to exercise caution and responsibility when employing AI technologies. This includes ensuring that AI applications adhere to principles of fairness, transparency, and accountability. Users should not engage in AI-related activities that discriminate against individuals or groups, manipulate information, or compromise data privacy.

AI tools collect and store data from users as part of their learning process. Any data you enter into an AI tool becomes part of its training model which it might subsequently distribute to users outside the university. Users are advised not to share sensitive or personal information.

Unacceptable use

You may not enter any sensitive, restricted, or otherwise protected data into any generative AI tool or service.

This information includes, but is not limited to:

  • FERPA-protected information (PII)
  • Health information protected by HIPAA (PHI)
  • Material under confidential review, including research papers and funding proposals.
  • Information from electronic files you are not authorized to access and use.

You may not use AI tools or services to infringe copyright or other intellectual property rights.

Users must not share private or personal information about University employees and may not use University networks or equipment for entering personal information about any other person.

System Maintenance and Monitoring

Computer files, electronic mail, and accounts on university information systems are not the private property of the user. Users should have no reasonable expectations of privacy. Authorized University personnel may access others’ files when necessary for the maintenance or protection of computing facilities and to conduct university business.

During maintenance, every effort will be made to ensure the privacy of users’ files. However, during network maintenance and administration, the activities of individuals improperly using the network may be monitored. Individuals using the network without authority, or in excess of their authority, are subject to having all their activities on the network monitored and recorded. Users explicitly consent to such monitoring and are advised that if it reveals possible evidence of criminal activity, the University may provide the content of such monitoring to law enforcement and national defense agencies as appropriate.

Definitions

  • Artificial intelligence (AI): Refers to the ability of computer systems or algorithms to imitate intelligent human behavior. AI can perform tasks such as reasoning, making decisions, or solving problems. AI is used in many applications and services that we use every day, such as voice assistants, search engines, social media among many others.
  • Copyright: the exclusive legal right to reproduce, publish, sell, or distribute the original work of an author, artist, or creator.
  • FERPA-protected information (PII): any information that can be used to identify a student, such as name, address, date of birth, social security number, etc. FERPA stands for Family Educational Rights and Privacy Act, a federal law that protects the privacy of student education records.
  • Health information protected by HIPAA (PHI): any information that relates to the health or health care of an individual, such as medical records, diagnoses, treatments, prescriptions, etc. HIPAA stands for Health Insurance Portability and Accountability Act, a federal law that protects the privacy and security of health information.
  • Privacy: the state or condition of being free from being observed or disturbed by other people; the right to control who has access to one’s personal information.
Back to top